Class DelegatingSecurityContextRepository
java.lang.Object
org.springframework.security.web.context.DelegatingSecurityContextRepository
- All Implemented Interfaces:
SecurityContextRepository
public final class DelegatingSecurityContextRepository
extends Object
implements SecurityContextRepository
- Since:
- 5.8
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionbooleancontainsContext(jakarta.servlet.http.HttpServletRequest request) Allows the repository to be queried as to whether it contains a security context for the current request.loadContext(HttpRequestResponseHolder requestResponseHolder) Obtains the security context for the supplied request.loadDeferredContext(jakarta.servlet.http.HttpServletRequest request) Defers loading theSecurityContextusing theHttpServletRequestuntil it is needed by the application.voidsaveContext(SecurityContext context, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Stores the security context on completion of a request.
-
Constructor Details
-
DelegatingSecurityContextRepository
-
DelegatingSecurityContextRepository
-
-
Method Details
-
loadContext
Description copied from interface:SecurityContextRepositoryObtains the security context for the supplied request. For an unauthenticated user, an empty context implementation should be returned. This method should not return null.The use of the HttpRequestResponseHolder parameter allows implementations to return wrapped versions of the request or response (or both), allowing them to access implementation-specific state for the request. The values obtained from the holder will be passed on to the filter chain and also to the saveContext method when it is finally called to allow implicit saves of the SecurityContext. Implementations may wish to return a subclass of
SaveContextOnUpdateOrErrorResponseWrapperas the response object, which guarantees that the context is persisted when an error or redirect occurs. Implementations may allow passing in the original request response to allow explicit saves.- Specified by:
loadContextin interfaceSecurityContextRepository- Parameters:
requestResponseHolder- holder for the current request and response for which the context should be loaded.- Returns:
- The security context which should be used for the current request, never null.
-
loadDeferredContext
Description copied from interface:SecurityContextRepositoryDefers loading theSecurityContextusing theHttpServletRequestuntil it is needed by the application.- Specified by:
loadDeferredContextin interfaceSecurityContextRepository- Parameters:
request- theHttpServletRequestto load theSecurityContextfrom- Returns:
- a
DeferredSecurityContextthat returns theSecurityContextwhich cannot be null
-
saveContext
public void saveContext(SecurityContext context, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Description copied from interface:SecurityContextRepositoryStores the security context on completion of a request.- Specified by:
saveContextin interfaceSecurityContextRepository- Parameters:
context- the non-null context which was obtained from the holder.
-
containsContext
public boolean containsContext(jakarta.servlet.http.HttpServletRequest request) Description copied from interface:SecurityContextRepositoryAllows the repository to be queried as to whether it contains a security context for the current request.- Specified by:
containsContextin interfaceSecurityContextRepository- Parameters:
request- the current request- Returns:
- true if a context is found for the request, false otherwise
-